Category Archives: Pharmacy
Anti-Kickback statutes (AKS) and Stark law are extremely important issues in health care. Violations of these laws yield harsh penalties. Yet, many healthcare professionals have little to no knowledge on the details of these two legal beasts.
The most common question I get regarding AKS and Stark is: Do AKS and Stark apply to private payers? Health care professionals believe, if I don’t accept Medicare or Medicaid, then I don’t need to worry about AKS and Stark. Are they correct??
The general and overly broad response is that the Stark Law, 42 USC § 1395nn, only applies to Medicare and Medicaid. The AKS, 42 USC § 1320a-7b(b)),applies to any federal healthcare program.
Is there a difference between AKS and Stark?
Answer: Yes. As discussed above, the first difference is that AKS applies to all federal healthcare programs. This stark difference (pun intended) makes the simple decision to not accept Medicare and Medicaid, thus allowing you to never worry about AKS, infinitely more difficult.
Let’s take a step back… What are AKS and Stark laws and what do these laws prohibit? When you Google AKS and Stark, a bunch of legal blogs pop up and attempt to explain, in legalese, what two, extremely esoteric laws purport to say, using words like “renumeration,” “knowing and willful,” and “federal healthcare program.” You need a law license to decipher the deciphering of AKS and Stark. The truth is – it ain’t rocket science.
The AKS is a criminal law; if you violate the AKS, you can be prosecuted as a criminal. The criminal offense is getting something of value for referrals. You cannot refer patients to other health care professionals in exchange for money, reduced rent, use of laboratory equipment, referrals to you, health services for your mother, marketing, weekly meals at Ruth’s Chris, weekly meals at McDonalds, oil changes, discounted theater tickets, Uber rides, Costco coupons, cooking lessons, or…anything of value, regardless the value.
Safe harbors (exceptions to AKS) exist. But those exceptions better fit squarely into the definition of the exceptions. Because there are no exceptions beyond the enumerated exceptions.
AKS is much more broad in scope than Stark. Other than Medicare and Medicaid, AKS applies to any health care plan that utilizes any amount of federal funds. For example, AKS applies to Veterans Health Care, State Children’s Health Programs (CHIP), Federal Employees Health Benefit Program, and many other programs with federal funding. Even if you opt to not accept Medicare and Medicaid, you may still be liable under AKS.
Stark law, on the other hand, is more narrow and only applies to Medicare and Medicaid. I find the following “cheat sheet” created by a subdivision of the Office of Inspector General to be helpful in understanding AKS and Stark and the differences between the two:
One other important aspect of Stark is that is considered “strict liability,” whereas AKS requires a proving of a “knowing and willful” action.
Feel free to print off the above chart for your reference. However, see that little asterisk at the bottom of the chart? It applies here as well.
Happy New Year, readers!!! A whole new year means a whole new investigation plan for the government…
The Department of Health and Human Services (HHS) Office of Inspector General (OIG) publishes what is called a “Work Plan” every year, usually around November of each year. 2017 was no different. These Work Plans offer rare insight into the upcoming plans of Medicare investigations, which is important to all health care providers who accept Medicare and Medicaid.
For those of you who do not know, OIG is an agency of the federal government that is charged with protecting the integrity of HHS, basically, investigating Medicare and Medicaid fraud, waste, and abuse.
So let me look into my crystal ball and let you know which health care professionals may be audited by the federal government…
The 2017 Work Plan contains a multitude of new and revised topics related to durable medical equipment (DME), hospitals, nursing homes, hospice, laboratories.
For providers who accept Medicare Parts A and B, the following are areas of interest for 2017:
- Hyperbaric oxygen therapy services: provider reimbursement
- Inpatient psychiatric facilities: outlier payments
- Skilled nursing facilities: reimbursements
- Inpatient rehabilitation hospital patients not suited for intensive therapy
- Skilled nursing facilities: adverse event planning
- Skilled nursing facilities: unreported incidents of abuse and neglect
- Hospice: Medicare compliance
- DME at nursing facilities
- Hospice home care: frequency of on-site nurse visits to assess quality of care and services
- Clinical Diagnostic Laboratories: Medicare payments
- Chronic pain management: Medicare payments
- Ambulance services: Compliance with Medicare
For providers who accept Medicare Parts C and D, the following are areas of interest for 2017:
- Medicare Part C payments for individuals after the date of death
- Denied care in Medicare Advantage
- Compounded topical drugs: questionable billing
- Rebates related to drugs dispensed by 340B pharmacies
For providers who accept Medicaid, the following are areas of interest for 2017:
- States’ MCO Medicaid drug claims
- Personal Care Services: compliance with Medicaid
- Medicaid managed care organizations (MCO): compliance with hold harmless requirement
- Hospice: compliance with Medicaid
- Medicaid overpayment reporting and collections: all providers
- Medicaid-only provider types: states’ risk assignments
- Accountable care
Caveat: The above-referenced areas of interest represent the published list. Do not think that if your service type is not included on the list that you are safe from government audits. If we have learned nothing else over the past years, we do know that the government can audit anyone anytime.
If you are audited, contact an attorney as soon as you receive notice of the audit. Because regardless the outcome of an audit – you have appeal rights!!! And remember, government auditors are more wrong than right (in my experience).
Medicare is the largest payor of clinical lab services in the nation. Clinical lab services include everything from blood counts to urinalyses, and every letter of the alphabet in between. Lab services are performed by hospitals, independent labs, physicians, or other institutions.
Medicare Part B (which covers lab services) has had increased enrollment over the past few years, but the amount billed to Part B over the past few years has increased at a much higher rate. In other words, the amount of lab services billed to Part B has increased disproportionately to the increase in enrollment. Any number of factors could contribute to this: defensive practice of medicine, more reliance on laboratory testing, more labs…
Regardless, the higher billing amounts in lab services has now won the prestigious award of “Increased CMS Scrutiny!” (sarcasm, people). And the crowd goes wild!!!!
Mid-2014, the U.S. Office of Inspector General (OIG) published a study entitled, “Questionable Billing for Medicare Part B Clinical Laboratory Services.” OIG determined that Medicare allowed $1.5 billion to be paid for claims with questionable billing. It recommended that CMS: (1) review the labs identified with questionable billing and take appropriate action; (2) review program integrity strategies and determine whether such strategies are adequate; and (3) ensure that claims with invalid and ineligible ordering-physician numbers are not being paid.
In normal and expectant government time frames, the “dinosauric beast” has now determined, a little over a year later, that laboratory service claims warrant enhanced scrutiny. And a little over 85 years after its discovery, we finally determine that Pluto isn’t a planet.
CMS zoomed in their lens of scrutiny on lab services multiple times over a decade ago. Each “CMS zoom” resulted in millions and millions of money given to the federal government, which perpetuates the feds to zoom more and more…it’s easy money.
For example, in 2000, OIG issued Project LabScam, which resulted in substantial settlements against Laboratory Corporation of America Holdings, SmithKline Beecham, Met/Path, Damon, Roche, and Allied.
In 2002, OIG found that Medicare incorrectly paid $7.4 million for lab services with invalid ordering UPINs and $15.3 million for lab service claims with inactive ordering UPINs.
What does this mean to providers of lab services today?
It means you need to be prepared for an audit.
When I was young, one of my favorite games was “Red Rover.” Children would grasp arms and form a straight line facing the other team, which was doing the same. I would yell, “Red River, Red Rover, send Holly right over!” At which time, little Holly would be released from her line and prepare to run, full speed, into my line of little kids’ arms. Inevitably, once we saw where Holly was running, we would tighten up our grasps on one another’s arms to prepare for the impact.
Similarly, in preparation for upcoming audits, lab service providers need to tighten up.
The best way to be certain of your risks in a potential audit is to hire a professional consultant or an experienced attorney to review a large sample of your documents. This allows an outsider to provide an unbiased opinion as to your risk. You may have the best billing manager in the world, but, when it comes to a self audit, he or she already believes that his or her documentation is stellar and that the organization of such documents is self evident. Having an outsider audit your records is worth its weight in gold and the best way to tighten up pre-audit.
The second best way to be certain of your risks in a potential audit is to self audit. Even if you hire a consultant or an attorney for a one time, third-party audit, you still want to self-audit multiple times a year. Every now and then you need to kick the old tires.
How do you self audit?
FYI: My general explanation of how to self audit will be appropriate for all health care service provider types. I will describe some more detailed ways to self audit that will be specific to lab services.
In order to self audit, I teach the IAKA method, not to be confused with IKEA.
- Identify common risks
- Audit a sample of your documents
- Keep record of each step of your audit, including findings
- Act on the findings.
What are the common red flags in your industry?
For lab services, common red flags may be high average allowed amounts per ordering physician, high percentage of claims with ineligible ordering-physician numbers, high percentage of claims with compromised beneficiary numbers, and high percentage of duplicate lab tests.
Here’s an area to look into that you may not otherwise consider in a self audit: what percentage of your lab clients live outside 100 miles? This may sound hoaky, but I had a lab service client flagged because 92% of the clients resided over 150 miles away. There was a perfectly reasonable explanation for such anomaly, the lab was located in a large, prestigious hospital in a rural area and people came from miles away to the hospital, but the statistic still flagged it.
Another specific item to review is, on average, how much does each physician bill in the laboratory? Do you have 4 physicians who bill, on average, $60,000+ per ordering physician? Because, for an independent lab, that would be very high.
For the actual self audit, you want to break up the audit into two categories: standards and procedures and document compliance.
For standards and procedures, you are reviewing whether you are properly orienting new hires, the specific training you implement, your criminal background check procedures, HIPAA training, your license renewal processes, your certification renewal processes, etc.
For document compliance, you are reviewing for physician signatures and dates.
NOTE: It is not required, but it is extremely prudent to print the name of the signator underneath all signatures. I have seen auditors ding providers on “physicians not being licensed/credentialed” because the auditor could not read the name of the physician.
You are also reviewing for medical necessity, eligible ordering-physician numbers, distance the client is to the lab, amount prescribed to that particular client, amount prescribed by that particular physician, whether that test prescribed for the same client within a 12 month period, coding compliance, etc.
It is imperative that you keep meticulous records while you conducting the audits. You want to be able to show an auditor that you caught a mistake and that you implemented a plan of correction to remedy the mistake going forward. And that, in actuality, you remedied the mistake going forward. This documentation is essential for possible defenses to alleged potential overpayments, false claims, and, even, alleged criminal actions. Your documentation skills could be the difference between paying millions in penalties, or, in the extreme case, jail.
I got ahead of myself in the prior section by saying that you need to document the way in which you fix the mistake. But I cannot emphasize it enough. Acting on your findings is important, obviously, but documenting the actions is more important. Ever hear the saying, “If it isn’t documented, it didn’t happen?” Take that as gospel.
Be prepared. Be proactive. Be ready. Tighten up!
Planning for the inevitable is smart. And it is inevitable if you are a provider and you accept Medicaid that you will undergo some sort of review, whether it is onsite or database checks, in the near future. And only two outcomes can result from this upcoming review:
Are YOU ready for that test???
So, it is imperative to arm yourself with knowledge of your rights, a liability insurance policy that covers attorneys’ fees (and lets you pick your attorney), and confidence that your billing practices comply with rules and regulations. If you do not know whether your billing practices comply, do a self-audit or hire a knowledgeable billing expert to audit you.
Read or not here they come…
Beginning June 9, 2014, Public Consulting Group (PCG) began scheduling post-enrollment site visits to fulfill federal regulations 42 CFR 455.410 and 455.450, which require all participating providers to be screened according to their categorical risk level: high, moderate, or limited.
What does being high, moderate, or limited risk mean?
If you are limited risk, the state will check your licenses, ensure that you, as a provider, meet criteria for applicable federal and state statutes, conduct license verifications, and conduct database checks on a pre- and post-enrollment basis to ensure that providers continue to meet the enrollment criteria for their provider type. This is the only category that does not need an onsite review.
If you are moderate risk, the state does everything for you as if you are a limited risk plus perform on-site reviews. (Enter PCG).
If you are high risk, the state will perform all reviews as if you are a moderate risk but also will conduct a criminal background check, and require the submission of a set of fingerprints in accordance with §455.434. (And you thought fingerprints for only for the accused.)
Let’s discuss in which level risk you fall. NC Gen. Stat §108C-3 spells out the risk levels. Are you a new personal care service (PCS) provider getting ready to start your own business? You are high risk. Are you a directly-enrolled behavioral health care provider rendering outpatient behavioral health care services? You are high risk. Do you provide HIV Management services? You are high risk.
Here is a list of high risk providers:
- Prospective (newly enrolling) adult care homes delivering Medicaid-reimbursed services.
- Agencies providing behavioral health services, excluding Critical Access Behavioral Health Agencies
- Directly enrolled outpatient behavioral health services providers.
- Prospective (newly enrolling) agencies providing durable medical equipment, including, but not limited to, orthotics and prosthetics.
- Agencies providing HIV case management.
- Prospective (newly enrolling) agencies providing home or community-based services pursuant to waivers authorized by the federal Centers for Medicare and Medicaid Services under 42 U.S.C. § 1396n(c).
- Prospective (newly enrolling) agencies providing personal care services or in-home care services.
- Prospective (newly enrolling) agencies providing private duty nursing, home health, or home infusion.
- Providers against whom the Department has imposed a payment suspension based upon a credible allegation of fraud in accordance with 42 C.F.R. § 455.23 within the previous 12-month period. The Department shall return the provider to its original risk category not later than 12 months after the cessation of the payment suspension.
- Providers that were excluded, or whose owners, operators, or managing employees were excluded, by the U.S. Department of Health and Human Services Office of Inspector General or another state’s Medicaid program within the previous 10 years.
- Providers who have incurred a Medicaid or Health Choice final overpayment, assessment, or fine to the Department in excess of twenty percent (20%) of the provider’s payments received from Medicaid and Health Choice in the previous 12-month period. The Department shall return the provider to its original risk category not later than 12 months after the completion of the provider’s repayment of the final overpayment, assessment, or fine.
- Providers whose owners, operators, or managing employees were convicted of a disqualifying offense pursuant to G.S. 108C-4 but were granted an exemption by the Department within the previous 10 years.
Here is a list of moderate risk providers:
- Ambulance services.
- Comprehensive outpatient rehabilitation facilities
- Critical Access Behavioral Health Agencies.
- Hospice organizations
- Independent clinical laboratories.
- Independent diagnostic testing facilities.
- Pharmacy Services.
- Physical therapists enrolling as individuals or as group practices.
- Revalidating adult care homes delivering Medicaid-reimbursed services.
- Revalidating agencies providing durable medical equipment, including, but not limited to, orthotics and prosthetics
- Revalidating agencies providing home or community-based services pursuant to waivers authorized by the federal Centers for Medicare and Medicaid Services under 42 U.S.C. § 1396n(c).
- Revalidating agencies providing private duty nursing, home health, personal care services or in-home care services, or home infusion.
- Nonemergency medical transportation.
Here are the limited risk providers:
- Ambulatory surgical centers.
- End-stage renal disease facilities.
- Federally qualified health centers.
- Health programs operated by an Indian Health Program (as defined in section 4(12) of the Indian Health Care Improvement Act) or an urban Indian organization (as defined in section 4(29) of the Indian Health Care Improvement Act) that receives funding from the Indian Health Service pursuant to Title V of the Indian Health Care Improvement Act.
- Histocompatibility laboratories.
- Hospitals, including critical access hospitals, Department of Veterans Affairs Hospitals, and other State or federally owned hospital facilities
- Local Education Agencies.
- Mammography screening centers.
- Mass immunization roster billers.
- Nursing facilities, including Intermediate Care Facilities for the Mentally Retarded.
- Organ procurement organizations.
- Physician or nonphysician practitioners (including nurse practitioners, CRNAs, physician assistants, physician extenders, occupational therapists, speech/language pathologists, chiropractors, and audiologists), optometrists, dentists and orthodontists, and medical groups
According to the June 2014 Medicaid Bulletin, the onsite reviews will last approximately two hours and PCG will send 2 representatives to conduct the review.
How to prepare for the onSite reviews
- Read and learn. (or re-learn, whichever the case may be).
“Providers will be expected to demonstrate a working knowledge of N.C. Medicaid through responses to a series of questions.” See June 2014 Medicaid Bulletin.
Knowledge is power. Brush up on your applicable DMA Clinical Coverage Policy. Review the NC Medicaid Billing Guide. Re-read your provider participation agreement. If you don’t understand a section, go to your attorney and ask for an explanation. Actually read the pertinent federal and state statutes quoted in your participation agreements because, whether you know what the laws say or not, you signed that agreement and you will be held to the standards spelled out in the federal and state statutes.
- Call your liability insurance.
Be proactive. Contact your liability insurance agent before you get the notice of an onsite review from PCG. Have a frank, open discussion about these upcoming onsite reviews. Explain that you want to know whether you policy covers attorneys’ fees and whether you can choose your attorney. If your policy does not cover attorneys’ fees or does not allow you to choose your own lawyer, beef up your liability insurance plan to include both. Believe me, the premiums will be cheaper than an attorney from your own pocket.
- Be confident.
Presentation matters. If you whisper and cower before the PCG reviewers, you will come across as weak and/or trying to hide something. Be polite and forthcoming, but provide the information that is asked of you; do not supply more information than the reviewers do not request.
I always tell my clients before their deposition or a cross examination by the other side, “Answer the question that is asked. No more. If you are asked if your favorite color is blue, and you favorite color is red, the correct response is “No,” not “No, my favorite color is red.” Do not over-answer.
If you do not believe that you can be confident, ask your attorney to be present. I had someone tell me one time that he did not want an attorney present because he felt that the auditors would think he was hiding something and he did not want to appear litigious. I say, this is your company, your career, and your life. If you need the support of an attorney, get one. Whenever I give this advice, I try to imagine that I am telling the same advice to my mother. My mother, bless her heart, does not have the confidence to stand her ground in high pressure situations. She would rather yield her position than be the least bit confrontational. If that also describes you, have your attorney present.
- Know your rights.
What if you fail the onsite review? Can you appeal? You need to know your rights. When you get a notice from PCG that an onsite review is scheduled, contact your attorney. Make sure that BEFORE the onsite review, you understand all the possible consequences. Knowing your rights will also help with #3, confidence. If you know the worst case scenario, then you stop creating worse case scenarios in your mind and become more confident.
Ready or not, the PCG reviews are coming, so get ready!